zerotier: do not allow executable stack
author Oskari Rauta <oskari.rauta@gmail.com>
Sun, 12 Mar 2023 16:30:35 +0000 (18:30 +0200)
committer Tianling Shen <cnsztl@gmail.com>
Mon, 4 Sep 2023 06:30:32 +0000 (14:30 +0800)
zerotier by default has an executable stack.
[   11.343143] process '/usr/bin/zerotier-one' started with executable stack

Executable stacks are not recommended, possibly provide a threat and there
seems to be no advantage of executable stack with zerotier-one - so let's
build it without instead.

Stack is executable on x86_64, but not on all archs, such as ramips.

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit 56f30520f2413f9f1434def5b533a265912aea1c)

net/zerotier/Makefile

index 47e3f7a630a2dfe3ac4f2692f7936da1264f635d..01ad05248f3772b17edc0143d389011746d118c8 100644 (file)
@@ -58,8 +58,8 @@ endif
 endef
 
 # Make binary smaller
-TARGET_CFLAGS += -ffunction-sections -fdata-sections
-TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
+TARGET_CFLAGS += -ffunction-sections -fdata-sections -Wl,-z,noexecstack
+TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed -Wl,-z,noexecstack
 
 define Package/zerotier/conffiles
 /etc/config/zerotier
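
Review bot: In the TARGET_CFLAGS line, `-Wl,-z,noexecstack` is a linker option, so it only has an effect where the CFLAGS are also passed to the link step; the TARGET_LDFLAGS line already carries it, so the CFLAGS copy looks redundant and could be dropped. Both additions also sit under the `# Make binary smaller` comment, which does not describe them; a separate `TARGET_LDFLAGS += -Wl,-z,noexecstack` line with its own comment would keep the size flags and the hardening flag apart. Because the commit message says the stack is executable on x86_64 but not on all architectures, it is worth confirming the built binary on x86_64 with `readelf -lW` (the GNU_STACK segment should show RW rather than RWE) and noting that result in the commit message.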